storj/satellite/console/consoleweb/server.go

390 lines
11 KiB
Go

// Copyright (C) 2019 Storj Labs, Inc.
// See LICENSE for copying information.
package consoleweb
import (
"context"
"encoding/json"
"html/template"
"net"
"net/http"
"path"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/graphql-go/graphql"
"github.com/skyrings/skyring-common/tools/uuid"
"github.com/zeebo/errs"
"go.uber.org/zap"
"golang.org/x/sync/errgroup"
monkit "gopkg.in/spacemonkeygo/monkit.v2"
"storj.io/storj/pkg/auth"
"storj.io/storj/satellite/console"
"storj.io/storj/satellite/console/consoleweb/consoleql"
"storj.io/storj/satellite/mailservice"
)
const (
authorization = "Authorization"
contentType = "Content-Type"
authorizationBearer = "Bearer "
applicationJSON = "application/json"
applicationGraphql = "application/graphql"
)
var (
// Error is satellite console error type
Error = errs.Class("satellite console error")
mon = monkit.Package()
)
// Config contains configuration for console web server
type Config struct {
Address string `help:"server address of the graphql api gateway and frontend app" default:"127.0.0.1:8081"`
StaticDir string `help:"path to static resources" default:""`
ExternalAddress string `help:"external endpoint of the satellite if hosted" default:""`
StripeKey string `help:"stripe api key" default:""`
// TODO: remove after Vanguard release
AuthToken string `help:"auth token needed for access to registration token creation endpoint" default:""`
AuthTokenSecret string `help:"secret used to sign auth tokens" releaseDefault:"" devDefault:"my-suppa-secret-key"`
PasswordCost int `internal:"true" help:"password hashing cost (0=automatic)" default:"0"`
}
// Server represents console web server
type Server struct {
log *zap.Logger
config Config
service *console.Service
mailService *mailservice.Service
listener net.Listener
server http.Server
schema graphql.Schema
}
// NewServer creates new instance of console server
func NewServer(logger *zap.Logger, config Config, service *console.Service, mailService *mailservice.Service, listener net.Listener) *Server {
server := Server{
log: logger,
config: config,
listener: listener,
service: service,
mailService: mailService,
}
logger.Sugar().Debugf("Starting Satellite UI on %s...", server.listener.Addr().String())
if server.config.ExternalAddress != "" {
if !strings.HasSuffix(server.config.ExternalAddress, "/") {
server.config.ExternalAddress += "/"
}
} else {
server.config.ExternalAddress = "http://" + server.listener.Addr().String() + "/"
}
mux := http.NewServeMux()
fs := http.FileServer(http.Dir(server.config.StaticDir))
mux.Handle("/api/graphql/v0", http.HandlerFunc(server.grapqlHandler))
if server.config.StaticDir != "" {
mux.Handle("/activation/", http.HandlerFunc(server.accountActivationHandler))
mux.Handle("/password-recovery/", http.HandlerFunc(server.passwordRecoveryHandler))
mux.Handle("/cancel-password-recovery/", http.HandlerFunc(server.cancelPasswordRecoveryHandler))
mux.Handle("/registrationToken/", http.HandlerFunc(server.createRegistrationTokenHandler))
mux.Handle("/usage-report/", http.HandlerFunc(server.bucketUsageReportHandler))
mux.Handle("/static/", http.StripPrefix("/static", fs))
mux.Handle("/", http.HandlerFunc(server.appHandler))
}
server.server = http.Server{
Handler: mux,
}
return &server
}
// appHandler is web app http handler function
func (s *Server) appHandler(w http.ResponseWriter, req *http.Request) {
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "dist", "public", "index.html"))
}
// bucketUsageReportHandler generate bucket usage report page for project
func (s *Server) bucketUsageReportHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
var err error
defer mon.Task()(&ctx)(&err)
var projectID *uuid.UUID
var since, before time.Time
tokenCookie, err := req.Cookie("tokenKey")
if err != nil {
s.log.Error("bucket usage report error", zap.Error(err))
w.WriteHeader(http.StatusUnauthorized)
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "errors", "404.html"))
return
}
auth, err := s.service.Authorize(auth.WithAPIKey(ctx, []byte(tokenCookie.Value)))
if err != nil {
s.log.Error("bucket usage report error", zap.Error(err))
w.WriteHeader(http.StatusUnauthorized)
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "errors", "404.html"))
return
}
defer func() {
if err != nil {
s.log.Error("bucket usage report error", zap.Error(err))
w.WriteHeader(http.StatusNotFound)
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "errors", "404.html"))
}
}()
// parse query params
projectID, err = uuid.Parse(req.URL.Query().Get("projectID"))
if err != nil {
return
}
sinceStamp, err := strconv.ParseInt(req.URL.Query().Get("since"), 10, 64)
if err != nil {
return
}
beforeStamp, err := strconv.ParseInt(req.URL.Query().Get("before"), 10, 64)
if err != nil {
return
}
since = time.Unix(sinceStamp, 0)
before = time.Unix(beforeStamp, 0)
s.log.Debug("querying bucket usage report",
zap.String("projectID", projectID.String()),
zap.String("since", since.String()),
zap.String("before", before.String()))
ctx = console.WithAuth(ctx, auth)
bucketRollups, err := s.service.GetBucketUsageRollups(ctx, *projectID, since, before)
if err != nil {
return
}
report, err := template.ParseFiles(path.Join(s.config.StaticDir, "static", "reports", "UsageReport.html"))
if err != nil {
return
}
err = report.Execute(w, bucketRollups)
}
// accountActivationHandler is web app http handler function
func (s *Server) createRegistrationTokenHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
defer mon.Task()(&ctx)(nil)
w.Header().Set(contentType, applicationJSON)
var response struct {
Secret string `json:"secret"`
Error string `json:"error,omitempty"`
}
defer func() {
err := json.NewEncoder(w).Encode(&response)
if err != nil {
s.log.Error(err.Error())
}
}()
authToken := req.Header.Get("Authorization")
if authToken != s.config.AuthToken {
w.WriteHeader(401)
response.Error = "unauthorized"
return
}
projectsLimitInput := req.URL.Query().Get("projectsLimit")
projectsLimit, err := strconv.Atoi(projectsLimitInput)
if err != nil {
response.Error = err.Error()
return
}
token, err := s.service.CreateRegToken(ctx, projectsLimit)
if err != nil {
response.Error = err.Error()
return
}
response.Secret = token.Secret.String()
}
// accountActivationHandler is web app http handler function
func (s *Server) accountActivationHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
defer mon.Task()(&ctx)(nil)
activationToken := req.URL.Query().Get("token")
err := s.service.ActivateAccount(ctx, activationToken)
if err != nil {
s.log.Error("activation: failed to activate account",
zap.String("token", activationToken),
zap.Error(err))
s.serveError(w, req)
return
}
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "activation", "success.html"))
}
func (s *Server) passwordRecoveryHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
defer mon.Task()(&ctx)(nil)
recoveryToken := req.URL.Query().Get("token")
if len(recoveryToken) == 0 {
s.serveError(w, req)
return
}
switch req.Method {
case "POST":
err := req.ParseForm()
if err != nil {
s.serveError(w, req)
}
password := req.FormValue("password")
passwordRepeat := req.FormValue("passwordRepeat")
if strings.Compare(password, passwordRepeat) != 0 {
s.serveError(w, req)
return
}
err = s.service.ResetPassword(ctx, recoveryToken, password)
if err != nil {
s.serveError(w, req)
}
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "resetPassword", "success.html"))
default:
t, err := template.ParseFiles(filepath.Join(s.config.StaticDir, "static", "resetPassword", "resetPassword.html"))
if err != nil {
s.serveError(w, req)
}
err = t.Execute(w, nil)
if err != nil {
s.serveError(w, req)
}
}
}
func (s *Server) cancelPasswordRecoveryHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
defer mon.Task()(&ctx)(nil)
recoveryToken := req.URL.Query().Get("token")
if len(recoveryToken) == 0 {
http.Redirect(w, req, "https://storjlabs.atlassian.net/servicedesk/customer/portals", http.StatusSeeOther)
}
// No need to check error as we anyway redirect user to support page
_ = s.service.RevokeResetPasswordToken(ctx, recoveryToken)
http.Redirect(w, req, "https://storjlabs.atlassian.net/servicedesk/customer/portals", http.StatusSeeOther)
}
func (s *Server) serveError(w http.ResponseWriter, req *http.Request) {
http.ServeFile(w, req, filepath.Join(s.config.StaticDir, "static", "errors", "404.html"))
}
// grapqlHandler is graphql endpoint http handler function
func (s *Server) grapqlHandler(w http.ResponseWriter, req *http.Request) {
ctx := req.Context()
defer mon.Task()(&ctx)(nil)
w.Header().Set(contentType, applicationJSON)
token := getToken(req)
query, err := getQuery(req)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
ctx = auth.WithAPIKey(ctx, []byte(token))
auth, err := s.service.Authorize(ctx)
if err != nil {
ctx = console.WithAuthFailure(ctx, err)
} else {
ctx = console.WithAuth(ctx, auth)
}
rootObject := make(map[string]interface{})
rootObject["origin"] = s.config.ExternalAddress
rootObject[consoleql.ActivationPath] = "activation/?token="
rootObject[consoleql.PasswordRecoveryPath] = "password-recovery/?token="
rootObject[consoleql.CancelPasswordRecoveryPath] = "cancel-password-recovery/?token="
rootObject[consoleql.SignInPath] = "login"
result := graphql.Do(graphql.Params{
Schema: s.schema,
Context: ctx,
RequestString: query.Query,
VariableValues: query.Variables,
OperationName: query.OperationName,
RootObject: rootObject,
})
err = json.NewEncoder(w).Encode(result)
if err != nil {
s.log.Error(err.Error())
return
}
sugar := s.log.Sugar()
sugar.Debug(result)
}
// Run starts the server that host webapp and api endpoint
func (s *Server) Run(ctx context.Context) (err error) {
defer mon.Task()(&ctx)(&err)
s.schema, err = consoleql.CreateSchema(s.log, s.service, s.mailService)
if err != nil {
return Error.Wrap(err)
}
ctx, cancel := context.WithCancel(ctx)
var group errgroup.Group
group.Go(func() error {
<-ctx.Done()
return s.server.Shutdown(nil)
})
group.Go(func() error {
defer cancel()
return s.server.Serve(s.listener)
})
return group.Wait()
}
// Close closes server and underlying listener
func (s *Server) Close() error {
return s.server.Close()
}